QID 379285
Date Published: 2024-01-23
QID 379285: Evernote Remote Code Execution (RCE) Vulnerability
Evernote is a popular note-taking and task-management application that helps you capture ideas, organize information, and stay productive.
CVE-2023-50643: Evernote for MacOS version 10.68.2 has a security vulnerability that allows a remote attacker to execute arbitrary code. The affected components include "RunAsNode" and "enableNodeClilnspectArguments", both essential to the application's functionality. Exploiting this vulnerability could grant unauthorized access and control to malicious entities, posing a substantial risk to the confidentiality, integrity, and availability of the data stored in the application.
Affected Versions:
Evernote for MacOS version 10.68.2
QID Detection Logic (Authenticated):
This QID checks for vulnerable version of Evernote by checking the installed applications in MacOS.
Successful exploitation of the vulnerability may allow an attacker to execute arbitrary code leading to complete system compromise.
CVEs related to QID 379285
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| Evernote Download |
|